On Thu, 20 Jul 1995 08:59:28 -0600 "Kelly C. McDonald" said:

>I verified yesterday that the receiving host at U-Texas (which is an IBM
>VM machine) will take any host name and assume that it's a valid sender
>(...) Unfortunately, there are some mail systems still on the Internet
>that do not check carefully for forged mail. Until this problem is
>resolved, it is likely that incidents like this will continue.

The Internet standards demand that forged mail be accepted and delivered. Any other behaviour would be in violation of the standards. It is unfortunate that security was not built in to one of the Internet's most important applications, but there's not much we can do about it and now we all have to live with that. Modifying mail programs to reject forged mail is simply not an option.

As for tracing, unless the hacker is careless, computer logs aren't all that useful. There are hundreds of terminal servers all over the Internet that will let anyone dial in and place a telnet call, anonymously. You just have to know the number, which isn't public but is normally known to students or whoever is supposed to use the terminal server. If you can identify the terminal server and the hacker always uses the same one, you may be able to get a warrant to trace any and all calls to the server in the hope of eventually finding out where the hacker is calling from, but without any hard material damage (destroyed/lost business data, etc.) this is unlikely, and I don't want to think of the reaction of the countless innocent users whose calls were also traced.

I'm afraid the Internet is a big windmill with the door firmly sealed in the open position. There's little to be gained by pointing fingers around. BYU was just the site that the hacker chose as a scapegoat. The best way to find the hacker is to use non-computer methods, such as sending $50 to that Olga character and figuring out who is coming to pick up the money from the mailbox.

Eric